HomeNotesComputer-Networks › TLS

SSL/TLS Certificates: Securing Client-Server Interactions

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) certificates are digital certificates that enable encrypted communication between clients (e.g., browsers, apps) and servers over networks. TLS (successor to SSL, now TLS 1.3 in 2025) is the standard for securing HTTP (HTTPS), email (SMTPS), and more. Certificates bind a public key to an identity (server/domain) via a trusted authority, ensuring confidentiality, integrity, and authenticity.

What Are SSL/TLS Certificates?

  • Definition: An X.509-structured file containing a public key, identity info (e.g., domain example.com), and a digital signature from a Certificate Authority (CA) like Let's Encrypt, DigiCert, or Google Trust Services. Private key (secret) is kept separate.
  • Components:
  • Public Key: For encryption/verification.
  • Subject: Entity (e.g., CN=example.com).
  • Issuer: CA that signed it.
  • Validity: Expiry date (e.g., 90 days for Let's Encrypt).
  • Extensions: SANs (Subject Alternative Names for multiple domains), key usage.

Certificate Types

Type Description Use Case
Domain Validated (DV) Basic domain control (email challenge). Quick sites (free from Let's Encrypt).
Organization Validated (OV) Verified company info. Business sites.
Extended Validation (EV) Rigorous vetting (green bar in browsers, deprecated). High-trust (banks).
Wildcard Covers subdomains (*.example.com). Multi-subdomain apps.
Client Certs For mTLS (mutual auth). API clients.
  • Chain of Trust: Root CA (trusted by OS/browsers) → Intermediate CA → Server Cert. Browser verifies chain.

How TLS Certificates Secure Client-Server Interactions

TLS uses certificates in a handshake to establish an encrypted session, followed by secure data exchange.

TLS Handshake Process (TLS 1.3 Simplified)

  1. Client Hello: Client sends supported ciphers, random nonce, Server Name Indication (SNI: example.com).
  2. Server Hello: Server selects cipher, sends cert chain (server cert + intermediates), random nonce.
  3. Certificate Verification:
  4. Client validates cert chain against trusted roots (e.g., browser's CA store).
  5. Checks expiry, revocation (OCSP/CRL), hostname match (SNI/CN/SAN).
  6. Extracts server's public key.
  7. Key Exchange: Client generates ephemeral key pair (e.g., ECDHE); encrypts pre-master secret with server's public key (or uses Diffie-Hellman).
  8. Session Keys: Both derive symmetric keys (AES-GCM) from pre-master for encryption.
  9. Finished: Mutual verification (HMAC of handshake); session established.
  10. Application Data: Encrypted bidirectional communication (e.g., HTTPS POST).

Full Flow Diagram (Text-Based):

Client ── Client Hello (SNI, Ciphers) ──► Server
Server ── Server Hello + Cert Chain + Nonce ──► Client
Client ── Verify Cert (Chain, Expiry, Host) ── Internal
Client ── Key Exchange (Ephemeral DH) ──► Server
Both ── Derive Symmetric Keys (AES) ── Internal
Client/Server ── Encrypted Data Exchange ──◄► (Confidential, Integrity)

Security Properties Achieved

  • Confidentiality: Symmetric encryption (AES) protects data in transit.
  • Integrity: HMAC or AEAD (AES-GCM) detects tampering.
  • Authentication: Server cert proves identity (client trusts CA-signed chain).
  • Forward Secrecy: Ephemeral keys (e.g., ECDHE) ensure past sessions safe if private key compromised.

Certificate Lifecycle

  1. Generation: Create CSR (Certificate Signing Request) with private key; send to CA.
  2. Issuance: CA verifies (DV: email; OV/EV: docs), signs, returns cert.
  3. Installation: Server loads cert/private key (e.g., NGINX ssl_certificate).
  4. Renewal: Auto via ACME (Let's Encrypt); monitor expiry.
  5. Revocation: If compromised, publish CRL/OCSP; clients check on connect.

Nuances: - Hostname Matching: Cert's CN/SAN must match SNI (e.g., *.example.com for subdomains). - Chain Validation: Client walks to root CA (pre-installed in trust store). - OCSP Stapling: Server includes revocation status in handshake (faster than client query). - 2025 Trends: Let's Encrypt dominant (free, auto-renew); post-quantum certs emerging (e.g., ML-KEM).

Pros: Ubiquitous security; automatic in browsers. Cons: Cert management (expiry, revocation); CA trust issues.